function

function

关注
发信
Windows上的应用程序端口
更新访问数据库时未将datagridview实例设置为对象的实例
如何承诺这个功能 - nodejs
我不明白的GHC类型错误
一个Android应用程序的资源静态访问?
R网状无法找到已安装的python库
谷歌地图标记数据
Jsoup css选择器代码(包含xpath代码)
在networkx(Python)中获取DiGraph的根(头)
C ++性能:检查一块内存在特定单元格中具有特定的值
滚动或滑动窗口迭代器?
在Linux中有STDCALL吗?
UTF-8安全Equantlant ord或charCodeAt()在PHP
为什么的std :: bitset的< 8'变量无法处理11111111?
从cron运行casper.js脚本

Codeigniter删除所有html标签

扫码查看
本文介绍了Codeigniter删除所有html标签的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

如何使用codeigniter删除 ALL HTML标签?我猜想您将不得不使用PHP函数 strip_tags ,但是我想要类似XSS过滤的全局设置

How do you remove ALL HTML tags with codeigniter? im guessing you would have to use the PHP function strip_tags, but I wanted something like the global setting for XSS filtering

谢谢

推荐答案

如果您指的是使用 input 方法,是的,您可以从技术上打开 system / libraries / Input.php ,转到以下代码:

If you're referring to using the input methods, Yes, you could technically open up system/libraries/Input.php, head down to this code:

/**
* Clean Input Data
*
* This is a helper function. It escapes data and
* standardizes newline characters to \n
*
* @access   private
* @param    string
* @return   string
*/
function _clean_input_data($str)
{
    if (is_array($str))
    {
        $new_array = array();
        foreach ($str as $key => $val)
        {
            $new_array[$this->_clean_input_keys($key)] = $this->_clean_input_data($val);
        }
        return $new_array;
    }

    // We strip slashes if magic quotes is on to keep things consistent
    if (get_magic_quotes_gpc())
    {
        $str = stripslashes($str);
    }

    // Should we filter the input data?
    if ($this->use_xss_clean === TRUE)
    {
        $str = $this->xss_clean($str);
    }

    // Standardize newlines
    if (strpos($str, "\r") !== FALSE)
    {
        $str = str_replace(array("\r\n", "\r"), "\n", $str);
    }

    return $str;
}

在xss clean之后,您可以像这样放置自己的过滤功能:

And right after the xss clean, you could put your own filtering function like so:

// Should we filter the input data?
if ($this->use_xss_clean === TRUE)
{
    $str = $this->xss_clean($str);
}

$str = strip_tags($str);

但是,这意味着每次更新CodeIgniter时,都将不得不再次进行更改。另外,由于这是全局性的,因此,如果您要获取的值(例如数字)是没有意义的。由于这些原因

However this means that everytime you update CodeIgniter, you will have to make this change again. Also since this does all of this globally, it won't make sense if the value you're getting back is, say for example, numeric. Because of these reasons

现在作为替代解决方案,您可以使用库,可让您为字段设置自定义规则,包括可以接受一个参数的php函数,例如 strip_tags

Now for an alternative solution, you can use the CodeIgniter Form Validation library, which let's you set custom rules for fields, including php functions that can accept one argument, such as strip_tags:

$this->form_validation->set_rules('usertext', 'User Text', 'required|strip_tags');

我不确定情况如何,所以我让您决定采取哪种方法,但总的来说,我建议按案例处理数据验证,因为在大多数情况下,对数据的验证是唯一的。

I'm not sure what the circumstances are, so I'll let you decide which path to take, but in general I recommend handling data validation on a per case basis, since in a majority of cases the validation on the data is unique.

这篇关于Codeigniter删除所有html标签的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

09-05 12:12
查看更多
Powered by LMLPHP ©2025 function 0.042928